Access Management is a really “dry” term that probably glazes over the eyes of most computer and mobile device users. I like to use a “gated community” or “storage unit” analogy because it illustrates a couple of significant pieces of both the concept and the practice itself.
To enter a gated community or off-site storage unit in a vehicle I must possess an entry code. The road or driveway I use to enter is like the network connection to a computer or mobile device. Without the code, the gate won’t open and I won’t be able to drive through. The code is like the username and password of my device, but over time this device “entry point” has been “modernized” so that the operating system or apps on the device have taken over issuing the code without my having to or even knowing that it has. Even though we can still manually accomplish these functions, we’ve become so inattentive, lazy, and impatient that we now delegate permission to the device, operating system, apps, or other features to automatically provide access. So now when my car gets near the gate, it opens automatically without me doing anything. The “gate” trusts that I am in the car and that access is safe.
And now the BAD NEWS. The need to monitize computer apps and programs has changed the architecture of operating systems and browsers – the well-known ones like Mozilla, Chrome, Safari, and Internet Explorer – and those simpler ones embedded in Android devices. They have been given new capabilities, usually identified as extensions or plug-ins. But the most recent, interesting change is that these capabilities automatically collect information about you, your device, location, shopping habits, and other types of information to be collected, organized, and sold – instantly – to other third-parties for their use and benefit. They pass it on while connecting you to the “target” site you have selected from the search results through a set of transactions to which you have not explicitly agreed. And most of us don’t care, either.
The best example that I noticed recently is that I used my laptop to browse online to find a trailer hitch for my car. I located one, purchased it online, and went back to watching Sunday Night Football on TV. The next morning, while checking another of my blog sites – one that uses Google Ad Sense for advertising – I saw an ad sponsored by the very company who manufactures the bumper hitch that I had purchased the night before. This was not a coincidence, mind you. The usual advertising on my blog sites is technology related. And the ad wasn’t even from the supplier from whom I had completed the eCommerce transaction, it was from the manufacturer.
So what happened? Here’s what I used for the transaction (that I was aware of and sanctioned). Draw your own conclusions:
And when this transaction was happening, I looked at the lower left-had side of my browser and saw the targets of a number of connections being made to a whole chain of linked systems between me and the vendor. These systems are used to collect data – we now call it BIG DATA. This data is sold to advertisers who will now target me immediately with a variety of types of information that will influence my buying decisions over the coming days and weeks. The tracking of my online activity that occurred was automatically activated because I relinquished control of access to my device.
I am still conflicted about whether this is good, bad, or just a necessary evil that comes with the “free” nature of the Internet. Yes, I pay for the computer or smartphone, the operating system (Windows, OSX), the connectivity, the governance of the networks (FCC through taxes), the shipping, and product itself. But I don’t pay anything (directly) for those information services that live between me and the site I “browsed”. And, apparently, it didn’t even matter whether or not I bought something. Today’s ad appeared solely because I landed on a site yesterday where the manufacturer’s product was featured.
This type of cyber “surveillance” is a consequence of the changes going on with digital identity, Internet privacy, and device security. And the conversation will most certainly continue.
Thanks to Colin MacKinnon – Editor of The Cloud is Huge